I have RH5 systems that authenticate against stock RH5 OpenLDAP servers (2.3.43). System files (ldap.conf, PAM files, etc.) are set up to contact the OpenLDAP server using TLS. When a system boots up, some of the system daemons (ntpd, hald, dbus-daemon) establish an LDAP connection to the server. Once these connections get established they seem to never go away, which is fine I guess. So what I have is persistent TCP connections like this:
client:51520 --> openldapServer:389
I'm trying to work through some firewall issues and I have noticed that the LDAP server sends an "ack" packet to the client every 10 hours without fail via these sockets that the daemons spawned. This is sent from the server without anything from the client first. The 10 hours is very consistent. Does anyone know if there is something in the LDAP protocol or slapd that would cause this behavior? Just trying to rule things out.
openldapServer:389 --> client:51520